The Industrial Cybersecurity Center in Denmark

Team

Søren Egede Knudsen

Søren Egede Knudsen is a senior cyber security consultant with more than 25 years of experience in IT network and cyber security. Søren started his professional work with IBM 3270 systems in 1991 and IT network and cyber security from 1993. Since 2009, Søren has worked in ICS/OT cyber security and are today considered an […]

Maite Carli García

Maite Carli is Communication Manager and European Coordinator at the Industrial Cybersecurity Center. Specialized in administration of networks and communications, industrial critical infrastructures, industry 4.0, data analysis technologies in the Health sector and industrial cybersecurity, having done several courses and a master. She has developed her professional career in the United Kingdom for 9 years.

Søren Egede, the Industrial Cibersecurity Center Coordinator in Denmark (CCI Coordinators Team), helps us to get in context of the state of the industrial cybersecurity in his country, and to do so, he shares with us his impressions.

He describes the level of sensitivity of industrial organizations in his country according to the following percentages:

He also affirms that the trend of recent years has exponentially grown.

Denmark counts with local and national public bodies promoting an adequate legal framework, in order to ensure the progressive incorporation of industrial cybersecurity measures in national presence companies (mainly critical infrastructure). The main organizations are:

  • Danish Energy Agency
  • CFCS - National Cert
  • Health Data Protection Agency
  • Transport Agency

Among the main national laws and regulations affecting in this context in Denmark, Søren Egede mentions:

  • NIS Directive (OES) one for each sector

Analysing the most widely adopted industrial cybersecurity measures by Denmark's organizations to protect industrial automation systems, Søren highlights the application of:

  • Industrial cybersecurity consulting / advisory
  • Internal security audits
  • External security audits
  • Network design and architectures
  • Conventional firewalls
  • Industrial firewalls
  • IDS / IPS
  • Backups
  • SIEM (Security information and event management)
  • Log correlation
  • Whitelisting
  • Antivirus

The CCI Coordinator in Denmark characterizes the industrial cybersecurity situation in his country with the following SWOT analysis:

Weaknesses

  • Lack of operational technologies certifications, processes and professionals

  • Lack of specific industry cybersecurity legislation

  • Lack of events and forums on industrial cybersecurity

  • Lack of specific CERTs

Strengths

  • Awareness, especially regarding industrial critical infrastructures

  • Leadership and recognition in the international markets

  • Solutions and services catalogue in industrial cybersecurity

Threats

  • High development of industrial applications without cybersecurity requirements

  • Slow legislation

  • Shortage of local industrial cybersecurity professionals working for manufacturers

  • Lack of ICS cybersecurity professionals and education

Opportunities

  • Increased of cibersecurity demand for Industry 4.0 and the Internet of things.

  • Strategic position in the industrial cyber security sector

  • Leadership and political understanding is pressent

Activities

XVI International Congress of experiences in Industrial Cybersecurity. Europe

As a fundamental part of its activity, the Industrial Cybersecurity Center (CCI) will hold its XVI Industrial Cybersecurity International Congress in Europe from September 28th to 30th (9:00 to 14:00 CEST), one of the benchmark events for the European market, and a meeting and exchange point of knowledge, experiences and relationships of all the actors […]